Modern Authentication Schemes in Smartphones and IoT Devices: An Empirical Survey

Milad Taleby Ahvanooey*, Mark Xuefang Zhu*, Qianmu Li*, Wojciech Mazurczyk, Kim Kwang Raymond Choo, Brij B. Gupta, Mauro Conti

*Corresponding author for this work

Research output: Contribution to journalArticleScientificpeer-review


User authentication remains a challenging issue, despite the existence of a large number of proposed solutions, such as traditional text-based, graphical-based, biometrics-based, web-based, and hardware-based schemes. For example, some of these schemes are not suitable for deployment in an Internet of Things (IoT) setting, partly due to the hardware and/or software constraints of IoT devices. The increasing popularity and pervasiveness of IoT equipment in a broad range of settings reinforces the importance of ensuring the security and privacy of IoT devices. Therefore, in this paper, we conduct a comprehensive literature review and an empirical study to gain an in-depth understanding of the different authentication schemes as well as their vulnerabilities and deficits against various types of cyberattacks when applied in IoT-based systems. Based on the identified limitations, we recommend several mitigation strategies and discuss the practical implications of our findings.

Original languageEnglish
Article number9662439
Number of pages25
JournalIEEE Internet of Things Journal
Publication statusE-pub ahead of print - 2022


  • Authentication schemes
  • Password security
  • , In- ternet of Things (IoT)
  • Cracking attacks
  • Biometrics
  • Graphical passwords


Dive into the research topics of 'Modern Authentication Schemes in Smartphones and IoT Devices: An Empirical Survey'. Together they form a unique fingerprint.

Cite this